ModSecurity is a plugin for Apache web servers that acts as a web app layer firewall. It's used to stop attacks towards script-driven Internet sites by using security rules which contain particular expressions. This way, the firewall can block hacking and spamming attempts and shield even Internet sites which aren't updated often. For example, numerous unsuccessful login attempts to a script administrative area or attempts to execute a specific file with the objective to get access to the script shall trigger specific rules, so ModSecurity will stop these activities the second it discovers them. The firewall is extremely efficient since it tracks the entire HTTP traffic to an Internet site in real time without slowing it down, so it will be able to prevent an attack before any damage is done. It additionally keeps a very thorough log of all attack attempts which contains more information than traditional Apache logs, so you can later analyze the data and take additional measures to boost the security of your websites if needed.
ModSecurity in Shared Website Hosting
ModSecurity is offered with every shared website hosting solution that we provide and it's activated by default for every domain or subdomain which you add via your Hepsia Control Panel. In the event that it interferes with any of your programs or you would like to disable it for any reason, you shall be able to do that through the ModSecurity area of Hepsia with only a mouse click. You may also use a passive mode, so the firewall will discover potential attacks and maintain a log, but will not take any action. You'll be able to see extensive logs in the exact same section, including the IP address where the attack came from, exactly what the attacker attempted to do and at what time, what ModSecurity did, etc. For optimum safety of our customers we use a group of commercial firewall rules mixed with custom ones that are added by our system administrators.
ModSecurity in Semi-dedicated Hosting
All semi-dedicated hosting plans which we offer come with ModSecurity and since the firewall is switched on by default, any website which you build under a domain or a subdomain shall be protected straight away. An individual section inside the Hepsia CP that comes with the semi-dedicated accounts is dedicated to ModSecurity and it'll allow you to start and stop the firewall for any Internet site or activate a detection mode. With the latter, ModSecurity will not take any action, but it will still recognize possible attacks and shall keep all data within a log as if it were fully active. The logs can be found within the very same section of the CP and they include specifics about the IP where an attack came from, what its nature was, what rule ModSecurity applies to detect and stop it, and so on. The security rules which we employ on our machines are a mix of commercial ones from a security business and custom ones made by our system administrators. Consequently, we provide greater security for your web apps as we can protect them from attacks before security businesses release updates for new threats.
ModSecurity in VPS Web Hosting
ModSecurity is pre-installed on all virtual private servers which are offered with the Hepsia hosting CP, so your web programs shall be protected from the instant your server is in a position. The firewall is turned on by default for any domain or subdomain on the Virtual Private Server, but if necessary, you can disable it with a mouse click via the corresponding section of Hepsia. You could also set it to function in detection mode, so it shall keep a detailed log of any possible attacks without taking any action to prevent them. The logs can be found in the exact same section and include details about the nature of the attack, what IP it originated from and what ModSecurity rule was triggered to stop it. For optimum security, we use not simply commercial rules from a company operating in the field of web security, but also custom ones that our admins include manually in order to react to new threats which are still not tackled in the commercial rules.
ModSecurity in Dedicated Servers Hosting
When you decide to host your sites on a dedicated server with the Hepsia CP, your web programs will be protected straight away since ModSecurity is supplied with all Hepsia-based solutions. You shall be able to manage the firewall effortlessly and if necessary, you will be able to turn it off or switch on its passive mode when it will only maintain a log of what is happening without taking any action to prevent possible attacks. The logs which you will find within the very same section of the Control Panel are quite detailed and contain info about the attacker IP, what website and file were attacked and in what way, what rule the firewall employed to prevent the intrusion, and so forth. This data shall permit you to take measures and enhance the protection of your sites even more. To be on the safe side, we use not just commercial rules, but also custom-made ones that our admins add whenever they recognize attacks that have not yet been included in the commercial pack.